Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

"Potentially attacked means an incident occurred, but you aren't sure if it is a specific, targeted attack or just an incident of random infection."

I guess you have never looked through your logs, or run an IDS system in your place of work or home. Attacks are literally happening all the time. The amount of people guessing passwords on an ftp, or simply throwing php exploits at your webserver can be tens or hundreds of IP addresses a day.

This is a joke, or else they don't understand the meaning of "potential" attack.

I am all for disclosing when a company or organization gets legitimately hacked. But potential attacks? that would be literally thousands of lines of log files daily, even on a home connection.

The SEC guidance never says â potential attackâ. It talks about making sure companies include potential cyber security incidents as part of their risk assessment.

The rest refers to successful incidents and attacks that result in material financial cost or loss. This was written by the finance guys. They aren't interested in your firewall logs. They wasn't to make sure a company takes this stuff into account when reporting material risk.

THREATENED cyber incidents?! You have to be f--king joking. We stop hundreds or maybe thousands of these every day. Malicious emails? Yup. Infected web pages? Yup. Firewall probes? Wup. Everybody is constantly at war with this stuff all the time.

Sony only disclosed because PSN went down and people noticed. We don't know if they really disclosed everything or not. It's a little more complicated though, I think that with this being labeled as guidance is a step towards harder regulations on corporate security and consumer standards for privacy when submitting data to a corporation. As it stands it's unregulated and people have taken advantage of it.

We connected our enterprise to the Internet in October 1992. Starting roughly two weeks from that time, we have been under continuous attack from various robots, disgruntled former employees, botnets, viruses, worms, and possibly space aliens. Honestly, we really don't even try to check on the origin of these attacks, we just tarpit them all.

Should you require more detail, we can arrange a real-time feed from our firewall systems, which are currently being attacked roughly every four seconds, just like every other network of our size in the entire world.

Please feel free to attempt to determine the source and purpose of these attacks, since clearly you are no longer interested in monitoring the world's business economy and thus helping ensuring a free and fair marketplace.